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DETAILED ACTION 



1 . Pursuant to USC 131, claims 1-28 are presented for examination. 

2. Claims 1-28 are pending. 



Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form 
the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-20 are rejected under 35 U.S.C. 102() as being disclosed by Shanklin 
etal. (U.S. Patent No. 6578147 B1). 

Regarding claim 1 , Shanklin et al. , discloses a method of managing utilization of 
network intrusion detection systems in a dynamic data center, said method 
comprising: providing a plurality of network intrusion detection systems, each 
being networked so that utilization of each network intrusion detection system 
can be based on demand for said network intrusion detection systems in said 
dynamic data center; receiving a monitoring policy and a plurality of monitoring 
points to be monitored on a network with any of said network intrusion detection 
systems; and automatically arranging the monitoring of said monitoring points 



Application/Control Number: 10/627,017 Page 3 

Art Unit: 2136 

using said network intrusion detection systems and said monitoring policy (col. 1 
lines 63-67 and col. 2 lines 1-18). 

Regarding claim 2 , Shanklin et al. . discloses the method as recited in claim 1 
wherein said automatically arranging the monitoring of said monitoring points 
includes: automatically configuring a plurality of network resources to provide 
network communication data from said monitoring points to a plurality of 
available network intrusion detection systems from said network intrusion 
detection systems; and automatically configuring said available network intrusion 
detection systems to receive said network communication data based on said 
monitoring policy (col. 4 lines 43-67 and col. 5 lines 1-11). 

Regarding claim 3 , Shanklin et al. , discloses the method as recited in claim 2 
wherein said automatically arranging the monitoring of said monitoring points 
further includes: automatically increasing a number of particular network intrusion 
detection systems receiving said network communication data from a particular 
monitoring point by selecting additional available network intrusion detection 
systems if said network communication data exceeds a capacity of said particular 
network intrusion detection systems (col. 5 lines 14-67 and col. 6 lines 1-55). 

Regarding claim 4 , Shanklin et al. . discloses the method as recited in claim 2 
wherein said automatically arranging the monitoring of said monitoring points 
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further includes: automatically decreasing a number of particular network 
intrusion detection systems receiving said network communication data from a 
particular monitoring point by releasing any of said particular network intrusion 
detection systems to said available network intrusion detection systems if said 
network communication data is below a predetermined threshold of a capacity of 
said particular network intrusion detection systems (col. 5 lines 14-67 and col. 6 
lines 1-55). 

Regarding claim 5 , Shanklin et aL discloses the method as recited in claim 2 
wherein said network resources include one of a firewall, a gateway system, a 
network switch, and a network router (col. 6 lines 58-67 and col. 7 lines 1-38). 

Regarding claim 6 , Shanklin et aL , discloses the method as recited in claim 1 
wherein said receiving a monitoring policy and a plurality of monitoring points to 
be monitored includes: providing a graphical user interface to receive said 
monitoring policy and said plurality of monitoring points to be monitored (col. 3 
lines 54-65). 

Regarding claim 7, Shanklin et al. , discloses the method as recited in claim 1 
wherein said dynamic data center is a utility data center (col. 1 lines 63-67 and 
col. 2 lines 1-18). 
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Regarding claim 8 , Shanklin et al. , discloses a computer-readable medium 
comprising computer-executable instructions stored therein for performing a 
method of managing utilization of network intrusion detection systems in a 
dynamic data center, said method comprising: providing a plurality of network 
intrusion detection systems, each being networked so that utilization of each 
network intrusion detection system can be based on demand for said network 
intrusion detection systems in said dynamic data center; receiving a monitoring 
policy and a plurality of monitoring points to be monitored on a network with any 
of said network intrusion detection systems; and automatically arranging the 
monitoring of said monitoring points using said network intrusion detection 
systems and said monitoring policy (Rejected under the same rationale as claim 

1). 



Regarding claim 9 , Shanklin et al. , discloses the computer-readable medium as 
recited in claim 8 wherein said automatically arranging the monitoring of said 
monitoring points includes: automatically configuring a plurality of network 
resources to provide network communication data from said monitoring points to 
a plurality of available network intrusion detection systems from said network 
intrusion detection systems; and automatically configuring said available network 
intrusion detection systems to receive said network communication data based 
on said monitoring policy (Rejected under the same rationale as claim 2). 
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Regarding claim 10 , Shanklin et aL discloses the computer-readable medium as 
recited in claim 9 wherein said automatically arranging the monitoring of said 
monitoring points further includes: automatically increasing a number of particular 
network intrusion detection systems receiving said network communication data 
from a particular monitoring point by selecting additional available network 
intrusion detection systems if said network communication data exceeds a 
capacity of said particular network intrusion detection systems (Rejected under 
the same rationale as claim 3). 

Regarding claim 11 , Shanklin et aL , discloses the computer-readable medium as 
recited in claim 9 wherein said automatically arranging the monitoring of said 
monitoring points further includes: automatically decreasing a number of 
particular network intrusion detection systems receiving said network 
communication data from a particular monitoring point by releasing any of said 
particular network intrusion detection systems to said available network intrusion 
detection systems if said network communication data is below a predetermined 
threshold of a capacity of said particular network intrusion detection systems 
(Rejected under the same rationale as claim 4). 



Regarding claim 12 , Shanklin et aL , discloses the computer-readable medium as 
recited in claim 9 wherein said network resources include one of a firewall, a 
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gateway system, a network switch, and a network router (Rejected under the 
same rationale as claim 5). 

Regarding claim 13 , Shanklin et al. , discloses the computer-readable medium as 
recited in claim 8 wherein said receiving a monitoring policy and a plurality of 
monitoring points to be monitored includes: providing a graphical user interface 
to receive said monitoring policy and said plurality of monitoring points to be 
monitored (Rejected under the same rationale as claim 6). 

Regarding claim 14 , Shanklin et al. . discloses the computer-readable medium as 
recited in claim 8 wherein said dynamic data center is a utility data center 
(Rejected under the same rationale as claim 7). 

Regarding claim 15 . Shanklin et al. . discloses the system comprising: a dynamic 
data center including: a plurality of network resources; a plurality of network 
intrusion detection systems, each being networked so that utilization of each 
network intrusion detection system can be based on demand for said network 
intrusion detection systems in said dynamic data center; a graphical user 
interface for receiving a monitoring policy and a plurality of monitoring points to 
be monitored on a network with any of said network intrusion detection systems; 
and a controller for controlling said network resources and said network intrusion 
detection systems and for automatically arranging the monitoring of said 
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monitoring points using said network intrusion detection systems and said 
monitoring policy (Rejected under the same rationale as claim 1). 

Regarding claim 16 , Shanklin et aL discloses the system as recited in claim 15 
wherein said controller automatically configures said network resources to 
provide network communication data from said monitoring points to a plurality of 
available network intrusion detection systems from said network intrusion 
detection systems, and wherein said controller automatically configures said 
available network intrusion detection systems to receive said network 
communication data based on said monitoring policy (Rejected under the same 
rationale as claim 2). 

Regarding claim 17 , Shanklin et aL , discloses the system as recited in claim 16 
wherein said controller automatically increases a number of particular network 
intrusion detection systems receiving said network communication data from a 
particular monitoring point by selecting additional available network intrusion 
detection systems if said network communication data exceeds a capacity of said 
particular network intrusion detection systems (Rejected under the same 
rationale as claim 3). 



Regarding claim 18 . Shanklin et aL . discloses the system as recited in claim 16 
wherein said controller automatically decreases a number of particular network 



I' 
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intrusion detection systems receiving said network communication data from a 
particular monitoring point by releasing any of said particular network intrusion 
detection systems to said available network intrusion detection systems if said 
network communication data is below a predetermined threshold of a capacity of 
said particular network intrusion detection systems (Rejected under the same 
rationale as claim 4). 

Regarding claim 19 , Shanklin et aL discloses the system as recited in claim 15 
wherein said network resources include one of a firewall, a gateway system, a 
network switch, and a network router (Rejected under the same rationale as 
claim 5). 

Regarding claim 20 , Shanklin et aL , discloses the system as recited in claim 15 
wherein said dynamic data center is a utility data center (Rejected under the 
same rationale as claim 7). 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chinwendu C. Okoronkwo whose telephone number is 
(571) 272 2662. The examiner can normally be reached on MWF 9:30 - 7:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on (571) 272 4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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